The Hacker News

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

SmarterTools fixed critical SmarterMail flaws, including CVSS 9.3 unauthenticated RCE and NTLM relay bugs, urging users to ...
The Hacker News

Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...
SecurityWeek

SolarWinds Patches Critical Web Help Desk Vulnerabilities

SolarWinds has patched critical Web Help Desk vulnerabilities leading to unauthenticated RCE or authentication bypass.
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 Security Flaws

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...
Bleeping Computer

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" ...
Dark Reading

Europe's GCVE Raises Concerns Over Fragmentation in Vulnerability Databases

GCVE would enhance global collaboration, flexibility, and efficiency in tracking vulnerabilities. Duplicate entries and ...